Solved

Sonicwall UDP port forward

Posted on 2010-08-20
1,634 Views
Last Modified: 2012-05-10
Greetings,

I have a Sonicwall NSA240 in my network.

I need to open UDP port 21068 and NAT it to this IP address: 172.16.117.5.

I have successfully created my firewall/NAT rules with the built-in firewall wizard. (I have already used it to create other firewall/NAT rules that currently work.)

The packets don't pass my firewall.

I installed nmap to see if the UDP port is open on my server and my firewall.

This is my command : nmap -p 21068 -sU -P0 SERVER

I tried this command from my local network, and this is what I got:

nmap -p 21068 -sU -P0 172.16.117.5

Nmap scan report for 172.16.117.5
Host is up (0.00s latency).
PORT      STATE         SERVICE
21068/udp open|filtered unknown
MAC Address: 00:02:D9:09:01:94 (Reliable Controls)
Nmap done: 1 IP address (1 host up) scanned in 0.59 seconds

I know that this port is open on the server.

I tried the same command on my SonicWall:

nmap -p 21068 -sU -P0 172.16.117.2

Nmap scan report for 172.16.117.2
Host is up (0.00s latency).
PORT      STATE         SERVICE
21068/udp open|filtered unknown
MAC Address: 00:17:C5:2C:5F:01 (SonicWALL)
Nmap done: 1 IP address (1 host up) scanned in 0.61 seconds

It's supposed to be open on my SonicWall as well...

I decided to scan some other UDP ports on the server to see if the nmap output was right. When the port isn't open, it gives me something like this:

PORT      STATE     SERVICE
34/udp    closed    unknown

I tried the same thing on my SonicWall, but it always tells me that the requested UDP port is open?

I also tried the nmap scan from outside my network; it gives me the same output (all UDP ports seem to be open).

Are all my UDP ports open on my SonicWall?

Also, do you have any idea why I can't access my server on the port I opened?
Question by: tblinc
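What the scan above is actually telling the poster is worth spelling out, so here is an added example (not part of the original question or of any SonicWall tooling). nmap reports a UDP port as open|filtered when it receives no reply at all: an ICMP "port unreachable" from the target means closed, a UDP datagram coming back means open, and silence is ambiguous because a service that accepts the datagram without answering looks identical to a firewall that silently drops it. A firewall that drops instead of rejecting therefore produces open|filtered for every UDP port, which is exactly the "all UDP ports seem to be open" result in the question; it does not mean the ports are open. Note also that scanning the firewall's LAN address (172.16.117.2) probes the firewall's own interface, not the NAT policy. The script below reproduces nmap's three-way classification with an ordinary connected UDP socket, which lets the kernel hand the ICMP error back as ConnectionRefusedError (ConnectionResetError on Windows) without raw sockets; the host name 127.0.0.1, the listener ports, and the echo responder are all constructed for the demo.

```python
"""Classify a UDP port the way nmap -sU does: open, closed, or open|filtered.

Added example. Uses a connected UDP socket so that an ICMP port unreachable
sent by the target is surfaced by the kernel as an errno on recv().
"""
import socket
import threading
from contextlib import closing


def probe_udp(host: str, port: int, timeout: float = 1.0,
              payload: bytes = b"\x00") -> str:
    """Send one datagram and classify the answer.

    'closed'        : target answered with ICMP port unreachable.
    'open'          : a UDP datagram came back (the service answered).
    'open|filtered' : nothing came back before the timeout. Either the
                      service is up but silent, or something in the path
                      (for example a firewall set to drop) discarded the
                      probe. nmap cannot tell these apart and neither can we.
    """
    with closing(socket.socket(socket.AF_INET, socket.SOCK_DGRAM)) as s:
        s.settimeout(timeout)
        # connect() on a UDP socket sends nothing; it only fixes the peer so
        # that ICMP errors for this peer are delivered to this socket.
        s.connect((host, port))
        try:
            s.send(payload)
            s.recv(4096)
            return "open"
        except (ConnectionRefusedError, ConnectionResetError):
            # Linux/macOS report ECONNREFUSED, Windows WSAECONNRESET, both
            # meaning the target sent ICMP port unreachable.
            return "closed"
        except socket.timeout:
            return "open|filtered"


def demo_local() -> dict:
    """Run the three cases against constructed listeners on 127.0.0.1."""
    results = {}

    # Case 1: a bound socket that never replies. Indistinguishable from a
    # firewall dropping the probe, so it reads open|filtered.
    silent = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    silent.bind(("127.0.0.1", 0))
    results["silent_service"] = probe_udp("127.0.0.1",
                                          silent.getsockname()[1], timeout=0.5)
    silent.close()

    # Case 2: an echo responder. A UDP reply is the only way to get 'open'.
    echo = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    echo.bind(("127.0.0.1", 0))
    echo.settimeout(2.0)

    def serve_once():
        try:
            data, peer = echo.recvfrom(4096)
            echo.sendto(data, peer)
        except socket.timeout:
            pass

    worker = threading.Thread(target=serve_once)
    worker.start()
    results["echo_service"] = probe_udp("127.0.0.1",
                                        echo.getsockname()[1], timeout=1.0)
    worker.join()
    echo.close()

    # Case 3: nothing bound. The local kernel answers with ICMP port
    # unreachable, which a host behind a dropping firewall never sends.
    tmp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()
    results["closed_port"] = probe_udp("127.0.0.1", closed_port, timeout=0.5)

    return results


if __name__ == "__main__":
    for case, state in demo_local().items():
        print(f"{case}: {state}")
```

Two practical checks follow from this. `nmap --reason` prints why each state was assigned (for open|filtered it will say no-response), and `nmap -sUV` sends protocol-specific payloads that can coax a silent service into answering, which is the only way a UDP scan can upgrade open|filtered to open. Neither will turn a firewall drop into a closed, so an open|filtered result on every port from outside is simply the firewall dropping unmatched traffic.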
11 Comments
Expert Comment by digitap, ID 33489069
I'd check the log with a connection attempt going to see what it hits. On the NSA 240, you can set up a packet capture to see if it's getting through. You might also consider disabling any of the security services for a testing period. Additionally, check the LAN > WAN and WAN > LAN rules to confirm they're accurate.

Expert Comment by digitap, ID 33489074
Also, please post the logs back here so we can have a look at them.

Author Comment by tblinc, ID 33503957
I set up a VPN connection instead. My VPN connection builds successfully, but I can only ping my DNS server and my SonicWall.

I can't ping anything else on my network.

I tried to add a firewall rule

VPN -> LAN allow any

but it doesn't work.

Expert Comment by digitap, ID 33504258
What does the LAN to VPN rule look like?

Author Comment by tblinc, ID 33504388
Priority  Source                     Destination       Service  Action  Users
1         WAN RemoteAccess Networks  Vpn DHCP Clients  Any      Allow   All

Author Comment by tblinc, ID 33504452
I saw this when I tried to ping something on my network:


log.jpg

Expert Comment by digitap, ID 33504630
Thanks for your patience.

You need to look at the LAN > VPN and VPN > LAN settings.  I don't get the feeling that we're getting there yet.  The best way is to go to Firewall > Access Rules.  Click the radio button called "Drop-down Boxes" and select the From Zone and To Zone.

Regarding the screenshot, IPS is only alerting on the ping. Since you are not blocking Low alerts, it's only notifying, not dropping.

Accepted Solution by tblinc (earned 0 total points), ID 33626734
I finally found my error.

I have client and server antivirus software provided by my SonicWall. The computer in question doesn't have the antivirus installed, so all the traffic was reaching this computer, but the computer itself couldn't send anything on the network.

I removed it from the scope, and it finally works.

Thank you for your help.

Expert Comment by digitap, ID 33626778
So, the sonicwall was blocking it because it didn't have the AV client installed, right?

Author Comment by tblinc, ID 33626948
Right.

Expert Comment by digitap, ID 33627043
Didn't think of that. Guess I didn't realize you were using the client AV as well as the gateway AV on the SonicWall.